CVE-2011-1002
22.02.2011, 19:00
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| avahi | avahi | 𝑥 ≤ 0.6.28 |
| avahi | avahi | 0.1 |
| avahi | avahi | 0.2 |
| avahi | avahi | 0.3 |
| avahi | avahi | 0.4 |
| avahi | avahi | 0.5 |
| avahi | avahi | 0.5.1 |
| avahi | avahi | 0.5.2 |
| avahi | avahi | 0.6.1 |
| avahi | avahi | 0.6.2 |
| avahi | avahi | 0.6.3 |
| avahi | avahi | 0.6.4 |
| avahi | avahi | 0.6.5 |
| avahi | avahi | 0.6.6 |
| avahi | avahi | 0.6.7 |
| avahi | avahi | 0.6.8 |
| avahi | avahi | 0.6.9 |
| avahi | avahi | 0.6.10 |
| avahi | avahi | 0.6.11 |
| avahi | avahi | 0.6.12 |
| avahi | avahi | 0.6.13 |
| avahi | avahi | 0.6.14 |
| avahi | avahi | 0.6.15 |
| avahi | avahi | 0.6.16 |
| avahi | avahi | 0.6.17 |
| avahi | avahi | 0.6.18 |
| avahi | avahi | 0.6.19 |
| avahi | avahi | 0.6.20 |
| avahi | avahi | 0.6.21 |
| avahi | avahi | 0.6.22 |
| avahi | avahi | 0.6.23 |
| avahi | avahi | 0.6.24 |
| avahi | avahi | 0.6.25 |
| avahi | avahi | 0.6.26 |
| avahi | avahi | 0.6.27 |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux | 6.0 |
| canonical | ubuntu_linux | 8.04 |
| canonical | ubuntu_linux | 9.10 |
| canonical | ubuntu_linux | 10.04 |
| canonical | ubuntu_linux | 10.10 |
| debian | debian_linux | 5.0 |
| debian | debian_linux | 6.0 |
| debian | debian_linux | 7.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| avahi |
| ||||||||||||||||||||
| avahi-autoipd |
| ||||||||||||||||||||
| avahi-compat-howl-devel |
| ||||||||||||||||||||
| avahi-compat-mDNSResponder-devel |
| ||||||||||||||||||||
| avahi-lang |
| ||||||||||||||||||||
| avahi-utils |
| ||||||||||||||||||||
| libavahi-client3 |
| ||||||||||||||||||||
| libavahi-client3-32bit |
| ||||||||||||||||||||
| libavahi-common3 |
| ||||||||||||||||||||
| libavahi-common3-32bit |
| ||||||||||||||||||||
| libavahi-core7 |
| ||||||||||||||||||||
| libavahi-devel |
| ||||||||||||||||||||
| libdns_sd |
| ||||||||||||||||||||
| libdns_sd-32bit |
| ||||||||||||||||||||
| libhowl0 |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| avahi |
| ||
| avahi-autoipd |
| ||
| avahi-compat-howl |
| ||
| avahi-compat-howl-devel |
| ||
| avahi-compat-libdns |
| ||
| avahi-devel |
| ||
| avahi-dnsconfd |
| ||
| avahi-glib |
| ||
| avahi-glib-devel |
| ||
| avahi-gobject |
| ||
| avahi-gobject-devel |
| ||
| avahi-libs |
| ||
| avahi-qt3 |
| ||
| avahi-qt3-devel |
| ||
| avahi-qt4 |
| ||
| avahi-qt4-devel |
| ||
| avahi-tools |
| ||
| avahi-ui |
| ||
| avahi-ui-devel |
| ||
| avahi-ui-tools |
|
Common Weakness Enumeration
References